asraa
|
cfa1593e1c
|
✨ Add Script Injection to Dangerous-Workflow (#1368)
* add dangerous workflow pattern script injection
Signed-off-by: Asra Ali <asraa@google.com>
* add more tests
Signed-off-by: Asra Ali <asraa@google.com>
* update laurent comments
Signed-off-by: Asra Ali <asraa@google.com>
|
2021-12-09 13:53:55 -08:00 |
|
asraa
|
fd67ddf1c4
|
🌱 update dangerous workflow to use actionlint (#1328)
* update dangerous workflow to use actionlint
Signed-off-by: Asra Ali <asraa@google.com>
* fix nilptr
Signed-off-by: Asra Ali <asraa@google.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
|
2021-11-22 18:32:27 +00:00 |
|
asraa
|
730076fab1
|
🐛 fix dangerous workflow test and workflow parsing (#1283)
* fix dangerous workflow
Signed-off-by: Asra Ali <asraa@google.com>
* check if removing label comment fixes
Signed-off-by: Asra Ali <asraa@google.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
|
2021-11-20 00:16:02 +00:00 |
|
laurentsimon
|
cc4949465b
|
✨ [Check split]: Binary-Artifacts (#1244)
* split binary artifact check
* fix
* missing file
* comments
* linter
* fix
* comments
* linter
|
2021-11-16 19:57:14 +00:00 |
|
asraa
|
1050b1cd60
|
✨ Add dangerous workflow check with untrusted code checkout pattern (#1168)
* add dangerous workflow check with untrusted code checkout pattern
Signed-off-by: Asra Ali <asraa@google.com>
* update
Signed-off-by: Asra Ali <asraa@google.com>
* add env var
Signed-off-by: Asra Ali <asraa@google.com>
* fix comment
Signed-off-by: Asra Ali <asraa@google.com>
* add repos git checks.yaml
Signed-off-by: Asra Ali <asraa@google.com>
* update checks.md
Signed-off-by: Asra Ali <asraa@google.com>
* address comments
Signed-off-by: Asra Ali <asraa@google.com>
* fix merge
Signed-off-by: Asra Ali <asraa@google.com>
* add delete
Signed-off-by: Asra Ali <asraa@google.com>
* update docs
Signed-off-by: Asra Ali <asraa@google.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
|
2021-11-15 20:18:10 +00:00 |
|